XR 500 Hybrid VPN not routing Traffic

[Midas21312]

Hi,

I have a Netgear Nighthawk XR500 and I sucessfully set up PrivateInternet access as a VPN-Service and somehow it doesnt route my traffic through the Hybrid VPN allthough it is connected successfully.

any Ideas?

 

 

LOGS:

Fri Jan 15 23:32:02 2021 OpenVPN 2.4.3 arm-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Aug 24 2020

Fri Jan 15 23:32:02 2021 library versions: OpenSSL 1.0.2n 7 Dec 2017, LZO 2.06

Fri Jan 15 23:32:02 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Fri Jan 15 23:32:02 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]199.36.223.201:502

Fri Jan 15 23:32:02 2021 Attempting to establish TCP connection with [AF_INET]199.36.223.201:502 [nonblock]

Fri Jan 15 23:32:03 2021 TCP connection established with [AF_INET]199.36.223.201:502

Fri Jan 15 23:32:03 2021 TCPv4_CLIENT link local: (not bound) Fri Jan 15 23:32:03 2021 TCPv4_CLIENT link remote: [AF_INET]199.36.223.201:502

Fri Jan 15 23:32:04 2021 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

Fri Jan 15 23:32:04 2021 [montreal410] Peer Connection Initiated with [AF_INET]199.36.223.201:502

Fri Jan 15 23:32:06 2021 OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options

Fri Jan 15 23:32:06 2021 OpenVPN ROUTE: failed to parse/resolve route for host/network: 2000::/3

Fri Jan 15 23:32:06 2021 TUN/TAP device tun1 opened

Fri Jan 15 23:32:06 2021 do_ifconfig, tt->did_ifconfig_ipv6_setup=0

Fri Jan 15 23:32:06 2021 /sbin/ifconfig tun1 10.7.111.19 netmask 255.255.255.0 mtu 1500 broadcast 10.7.111.255

Fri Jan 15 23:32:06 2021 /dumaos/apps/usr/com.netdumasoftware.hybridvpn/openvpn-event.lua openvpnup 2 tun1 1500 1555 10.7.111.19 255.255.255.0 init

Fri Jan 15 23:32:06 2021 Initialization Sequence Completed

 

 

 

CONFIG:

client
dev tun
proto tcp4
remote ca-montreal.privacy.network 502
resolv-retry infinite
nobind
persist-key
persist-tun
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server

auth-user-pass
compress
verb 1
reneg-sec 0
<crl-verify>
-----BEGIN X509 CRL-----
MIICWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQI
EwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRl
cm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAw
HgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0
ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRl
aW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZa
MCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG
9w0BAQ0FAAOCAQEAQZo9X97ci8EcPYu/uK2HB152OZbeZCINmYyluLDOdcSvg6B5
jI+ffKN3laDvczsG6CxmY3jNyc79XVpEYUnq4rT3FfveW1+Ralf+Vf38HdpwB8EW
B4hZlQ205+21CALLvZvR8HcPxC9KEnev1mU46wkTiov0EKc+EdRxkj5yMgv0V2Re
ze7AP+NQ9ykvDScH4eYCsmufNpIjBLhpLE2cuZZXBLcPhuRzVoU3l7A9lvzG9mjA
5YijHJGHNjlWFqyrn1CfYS6koa4TGEPngBoAziWRbDGdhEgJABHrpoaFYaL61zqy
MR6jC0K2ps9qyZAN74LEBedEfK7tBOzWMwr58A==
-----END X509 CRL-----
</crl-verify>

<ca>
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgIJAKZ7D5Yv87qDMA0GCSqGSIb3DQEBDQUAMIHoMQswCQYD
VQQGEwJVUzELMAkGA1UECBMCQ0ExEzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNV
BAoTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIElu
dGVybmV0IEFjY2VzczEgMB4GA1UEAxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3Mx
IDAeBgNVBCkTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkB
FiBzZWN1cmVAcHJpdmF0ZWludGVybmV0YWNjZXNzLmNvbTAeFw0xNDA0MTcxNzM1
MThaFw0zNDA0MTIxNzM1MThaMIHoMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0Ex
EzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNVBAoTF1ByaXZhdGUgSW50ZXJuZXQg
QWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UE
AxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBCkTF1ByaXZhdGUgSW50
ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkBFiBzZWN1cmVAcHJpdmF0ZWludGVy
bmV0YWNjZXNzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPXD
L1L9tX6DGf36liA7UBTy5I869z0UVo3lImfOs/GSiFKPtInlesP65577nd7UNzzX
lH/P/CnFPdBWlLp5ze3HRBCc/Avgr5CdMRkEsySL5GHBZsx6w2cayQ2EcRhVTwWp
cdldeNO+pPr9rIgPrtXqT4SWViTQRBeGM8CDxAyTopTsobjSiYZCF9Ta1gunl0G/
8Vfp+SXfYCC+ZzWvP+L1pFhPRqzQQ8k+wMZIovObK1s+nlwPaLyayzw9a8sUnvWB
/5rGPdIYnQWPgoNlLN9HpSmsAcw2z8DXI9pIxbr74cb3/HSfuYGOLkRqrOk6h4RC
OfuWoTrZup1uEOn+fw8CAwEAAaOCAVQwggFQMB0GA1UdDgQWBBQv63nQ/pJAt5tL
y8VJcbHe22ZOsjCCAR8GA1UdIwSCARYwggESgBQv63nQ/pJAt5tLy8VJcbHe22ZO
sqGB7qSB6zCB6DELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRMwEQYDVQQHEwpM
b3NBbmdlbGVzMSAwHgYDVQQKExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4G
A1UECxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAMTF1ByaXZhdGUg
SW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQpExdQcml2YXRlIEludGVybmV0IEFjY2Vz
czEvMC0GCSqGSIb3DQEJARYgc2VjdXJlQHByaXZhdGVpbnRlcm5ldGFjY2Vzcy5j
b22CCQCmew+WL/O6gzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBDQUAA4IBAQAn
a5PgrtxfwTumD4+3/SYvwoD66cB8IcK//h1mCzAduU8KgUXocLx7QgJWo9lnZ8xU
ryXvWab2usg4fqk7FPi00bED4f4qVQFVfGfPZIH9QQ7/48bPM9RyfzImZWUCenK3
7pdw4Bvgoys2rHLHbGen7f28knT2j/cbMxd78tQc20TIObGjo8+ISTRclSTRBtyC
GohseKYpTS9himFERpUgNtefvYHbn70mIOzfOJFTVqfrptf9jXa9N8Mpy3ayfodz
1wiqdteqFXkTYoSDctgKMiZ6GdocK9nMroQipIQtpnwd4yBDWIyC6Bvlkrq5TQUt
YDQ8z9v+DMO6iwyIDRiU
-----END CERTIFICATE-----
</ca>

disable-occ

 

[Netduma Fraser]

Hey, welcome to the forum!

Sorry to hear you're having this issue. So just to confirm it does show connected on the left? How have you added your devices to the VPN exactly? Could you provide a screenshot please?

[Midas21312]

screenshot is attached to the inital post. I didnt want to add any devices since I want the whole traffic running over the VPN no matter which device it is. but adding the PC or Phones doesnt make any difference sind it doesnt work.

I dont know if it is related but I use a VPN for connecting to my home network when I am out and about could there be a conflict with the services?

And when i want to edit the already configured and connected VPN the entered credentials are blank again, maybe some kind of bug?

[Netduma Fraser]

If you don't any any devices then the VPN will not apply to any devices at all - there is currently no way to apply to the router/devices as a whole unless you add all the devices. 

From the drop down list on the devices you need to select Do NOT VPN these services and then they will be behind the VPN.

The config disappearing is a bug and we'll get that fixed.

[Midas21312]

Thanks for the reply, Its up and working now thanks for that.

are there going to be any future updates regarding routing the whole traffic through a VPN-Service? I would really like to see that.

 

[Netduma Fraser]

We do want to redo the Hybrid VPN feature as it's not as user friendly as we'd like as you've found so I should think we will offer that as an option in future.